Kasper Bertelsen warns that several vulnerabilities he discovered in Joomla's Helpdesk Pro can lead to remote code execution on hosts hosting the Web application.
Helpdesk Pro is an extension of Joomla that allows administrators and users to use support bids.
Let's mention some websites that use this Plugin: eBay, Heathrow Airport, and the High Court of Australia.
Vulnerabilities were discovered by Simon Rawet, Kristian Varnai, and Gregor Mynarsky, and include: direct object references, cross-site scripting, SQL injection, local file injection, arbitrary file upload.
“[Vulnerabilities] leave systems vulnerable to a wide variety of attack types, resulting in the disclosure of potentially sensitive information, but also in the complete acquisition of server with arbitrary code execution," they report.
Vulnerabilities work because the λήψη συνημμένων και οι services upload restrictions do not restrict someone from downloading files.
So an attacker can download the configuration.php file, for example, which contains sensitive information such as user names, database passwords, and FTP credentials.